Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill exposes environment-variable handling, network use, and file-write capability in its documented workflow, but it does not declare any permissions or constraints for those capabilities. That mismatch weakens policy enforcement and user visibility: the skill can access credentials like SQL_DSN and OPENAI_API_KEY, contact databases or model endpoints, and write audit logs without an explicit permission boundary.
